Jump to content
Sign in to follow this  
quancap2591

Hướng dẫn Impostor Account Facebook

Recommended Posts

BƯỚC 1:

Net traffic:

https://mbasic.facebook.com/support/forms/flow_view?raw_state={"data"%3A"AY2nD0BGM9wANk-qNlvC_4uAtgSqWGWK8Mm5fyzieD6-jG0eHl-NcMOPtmBci4whhUw7Z1q9pQYHCovoIrAU_-lPVPANON5N-B98XGEp_rC-Bvww5ZvG0q8C3CZ9fc1VkCHzadyjKl_uDP5-GlafyvKBod1GvWwhnip13FCQuO-sW_2_YbLi752SrFv0CJ91ruJAOfDH-DIXZ2p3n_UKzpyfrKL0GX1R7tbBYy0hZdn8pDurVs9DLJDR7wi1KDAfyv9YSV7CfsCrK-6qBmkvBTbV"%2C"mac"%3A"AY0jssQNmzT5lhbV"}&rand=1307108603

------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="lsd"

AVrGGcWz
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="jazoest"

2715
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="btnReported"

Yes
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="Field486329968082456"

mailcuatui@gmail.com
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="uploadID[]"; filename=""
Content-Type: application/octet-stream


------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="button_val[Next]"

Tiếp
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX--

Cần tìm:  lsd, jazoest, Field, raw_state trong url  https://mbasic.facebook.com/support/forms/flow_view?raw_state=....

$1 = _HttpRequest(2, 'https://mbasic.facebook.com/support/forms/flow_view?id=321804254561747')

$LinkPOST = StringRegExp($1, 'action="(/support/forms/flow_view\?raw_state=.*?)"', 1)
$lsd = StringRegExp($1, 'name="lsd" value="(.*?)"', 1)
$jazoest = StringRegExp($1, 'name="jazoest" value="(.*?)"', 1)
$Field = StringRegExp($1, 'name="(Field\d+)"', 1)

Content-Disposition: form-data; name="uploadID[]"; filename="" Content-Type: application/octet-stream  là up file nên thêm $ ở đầu uploadID[]

Local $form = ['ls=' & $lsd[0], 'jazoest=' & $jazoest[0], 'btnReported=Yes', $Field[0] & '=mailcuatui@gmail.com', '$uploadID[]=', 'button_val[Next]=Tiếp']

 

Hidden Content

    Give reaction or reply to this topic to see the hidden content.

 

BƯỚC 2:

Net traffic:

https://mbasic.facebook.com/support/forms/flow_view?raw_state=%7B%22data%22%3A%22AY2Wd-W6B06m2zowlNYu-_ulj9jM22xv5_XhBgD7syR4IXRB4lY8nOK_MyigCbBApwIl8WeKhXCAigM-9aI3KlAKwUuHoyMPUpSG9-hqgq_eE8lvsZEAOe9KtSWxvzja3O0VWpebeT-Q4Ce2FcjUYaL3_kK9a42RpmlsTNl0ENAe3_T3zgd73n2OGDsTvmsZUfCD5GNpBne1iDRiO_NQ7CH6garW4JSA1IqTRCD3rkK8Rm89hlS1X9SFI14WKpcvjFLbJMMQxNeGLevcgUIyMZKB%22%2C%22mac%22%3A%22AY1XqiU80ceWTFIC%22%7D&rand=315123950


------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="lsd"

AVrGGcWz
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="jazoest"

2715
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="txtYourName"

QUân
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="emailField"

quancap@gmail.com
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="dobYourDOB[year]"

2000
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="dobYourDOB[month]"

1
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="dobYourDOB[day]"

1
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="areaMailingAddress"

quancap@gmail.com
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="txtYourPhone"

0909112233
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="txtImpostorName"

Huy
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="Field486329968082456"

test@gmail.com
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="profileurl"

https://www.facebook.com/guyhug.12
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="uploadID[]"; filename="images.jpg"
Content-Type: image/jpeg

ÿØÿà
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="txtElectronicSig"

quancap
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX
Content-Disposition: form-data; name="button_val[Next]"

Tiếp
------WebKitFormBoundaryjcDJ0ORCyGBXXCqX--

lsd, jazoest, Field như cũ (giống bước 1) nên khỏi tìm, chỉ tìm URL raw_state mới từ $2

Content-Disposition: form-data; name="uploadID[]"; filename="images.jpg" Content-Type: image/jpeg ÿØÿà  là up file nên thêm $ ở đầu uploadID[]

Hidden Content

    Give reaction or reply to this topic to see the hidden content.

 

BƯỚC 3:

Net traffic:

https://mbasic.facebook.com/a/help/contact_us/


lsd=AVrGGcWz&jazoest=2715&form_id=321804254561747&raw_state=%7B%22data%22%3A%22AY3Kh1KKesPhev7t70DwGe9MC-157AhU6QrIWY7TPRdnNzRe9xbYjgkaS8N7NiSb1jBEV9Xva14Tw7nTNiGOEU9Qbspn40uVzqlablNQ7q01Rl0Cbo613AC0pNEa61PnyJhkoXVqZhQinquDgRiA0nQ5RPBJLcoDOyDtNSwuD53rDpbjnB4LtozpX8rBZYD6QAs1WZBY1kghniePQqB9mQP60qQk_vC9f9SOs2f_8N5DqWHawxefI73WSn9EXH3EiyfVDVuXB7ey202urzGuMUfxUbA6wNQ7w36Ud-NZNXuVedxi9oImF8iYotvPIeu5NWxdb8ZIWU3JIYbo4n6F4B_wNEKe_jRRQALr1p0fE55c0l8jyRs0mJKO9MQ1nUnDGPxMeUQBjz50u7wHgX4tpvS9i07Emv93X7wjKxzOEYC38mLNotJ4_-BPAtypWjHJb7bpSGgg3tUGKVEo7Q9O5a15fGHykhN8FhxHWibQrGfJ-OvjqHq7snOhSSaKZVT_lJyP0_U4Dejtr0bUPze2h_HFsU12_3NwZcyBQeOxqEmMyKAEYT9a4MxofHAdji2d4vQMMU4Ob7pPRS12v666-bws934kkswltaJurjrq1uXUeMPd6Os7FeFZApclw0kEh_dxa1Y8YfaTSoqkIVtTWOGDb_9aZwW_dQUbl_MfffXfDnWV4UMOsQ-fcIEGUCpU9_UJYAdDpDiWm7i5e2Y0_oD_ZAY64rzk_NVCQf_sxkoQP3_uMwJtOyYwyQOo3uceHt7t4OPPWc9jgP4fD9f2703QKZIFpR-l1SIhFpL_7HW2Uma22mKxpm55JSw2PXOJW3m_w01rsV1vgNwxP8VumtbwU1Ya-SoBGCX3CDH4BeMacq6BwTUgCfvCF3nXLzly6OEZEZBCatZlic95kiu4BLzWtk3Mo9L_rTcLuzsDDJX67Rx6voWo2T1q2m2pwqsEwPloIkwSFncPgscU7VIFmKbTyvOIw6-0ZDuG7hD4RGjCR9NerPt_HTOwgfVA_tZQlMLZQmIpJ2tNn0j9siCjwlylwS1nC5JAIMsO_E2qst-tC1ML2Mby9L-hMxA5ZJwWnQCj3gZ_E1UK95rE7PxZhlHFvhjwzVrlCOOHM9HCgfbEqRAExLzP9ZMGaByvDW8PmhUFn9XkbIK_jIZfuxVdp_JMKm4c5DILtu8dWycIWmYjTTERH0-7Gbj68WIFXmF-F_CyWMF08oMur7Z1EOnanmCwSzuu_ouCXu5d9XcHLPXkKpKrdCeQrP1TAZnGZ0PVv6B4MQOKEN8kUo7VmKqcDyA-cuu_bU7g-WQ-hvHBEKvXaW8JYcYIjfvs50t36AmkU7-F54_xWYX6NLm5b851pFSBe5vkXnvj4MOQ_ZcDfoKIV4vMBX3ZMzESPIQCJktPt_41ZmBLDgcm4WLk5RfqvPJWWmj4PR7fXnSzEGXLdvhtPucEVJeLJs9sFL4A2PVBMgmu_pLsU366IMqy165OFgiA%22%2C%22mac%22%3A%22AY1Pb6aIIU7oaoaO%22%7D&button_val%5BSubmit%5D=G%E1%BB%ADi

lsd, jazoest như cũ (giống bước 1) nên khỏi tìm.

lần này không lấy URL raw_state mà chỉ lấy giá trị raw_state nên StringRegExp thay đổi tí xíu.

Hidden Content

    Give reaction or reply to this topic to see the hidden content.

  • Like 6
  • Thanks 2

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×
×
  • Create New...